<?php
/**
 * Created by PhpStorm.
 * User: Administrator
 * Date: 2021/12/15
 * Time: 09:46
 */
include_once '../tools/DbTools.php';
$username = $_POST['username'];
$password = $_POST['password'];
$url = '';
$msg = '';
$is_valid = false;
session_start();
if (!empty($username) && !empty($password)){
    //初始化数据库
    DbTools::initDb();
    $sql = "select *,(select RealName from accountinfo where accountinfo.AccountId = bankcard.AccountId) RealName from bankcard 
where CardNo='$username' and CardPwd='$password'";
    $result = DbTools::select($sql);
    //关闭数据库连接
    DbTools::close();
    if (!empty($result)){
        $is_valid = true;
        $msg = '登入成功';
        $url = 'userInfo.php';
        $token = md5($username.$password.time());
        setcookie('Token',$token,time()+3600,'/');
        $_SESSION[$token] = [
            'username'=>$username,
            'password'=>$password,
            'CardId'=>$result[0]['CardId'],
            'CardNo'=>$result[0]['CardNo'],
            'RealName'=>$result[0]['RealName']
        ];
    }

}
if (!$is_valid){
    $msg = '用户名或密码错误';
    $url = 'loginUi.php';
}


?>
<!DOCTYPE html>
<html>
	<head>
		<meta charset="utf-8" />
		<title></title>
	</head>
	<body>
		<input type="hidden" name="url" id="url" value="<?php echo $url?>" />
		<input type="hidden" name="msg" id="msg" value="<?php echo $msg?>" />
	</body>
	<script type="text/javascript">
onload = function(){
    var url = document.getElementById('url').value;
    var msg = document.getElementById('msg').value;
    alert(msg);
    location.href = url;
}
	</script>
</html>